﻿using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.Text;

namespace XW.Web.Framework.Jwt
{
    public static class IServiceCollectionExtensions
    {
        public static IServiceCollection ConfigureJwtAuthentication(
            this IServiceCollection services,
            JwtSecurityTokenOptions jwtOptions,
            IWebHostEnvironment env)
        {
            services
                .AddAuthentication(options =>
                {
                    options.DefaultChallengeScheme = jwtOptions.AuthenticationScheme;
                    options.DefaultAuthenticateScheme = jwtOptions.AuthenticationScheme;
                    options.DefaultScheme = jwtOptions.AuthenticationScheme;
                })
                .AddJwtBearer(jwtOptions.AuthenticationScheme, options =>
                {
                    options.RequireHttpsMetadata = !env.IsDevelopment();
                    options.TokenValidationParameters = new TokenValidationParameters()
                    {
                        ValidateIssuerSigningKey = true,
                        IssuerSigningKey = jwtOptions.SymetricSecurityKey,

                        ValidateIssuer = true,
                        ValidIssuer = jwtOptions.Issuer,

                        ValidateAudience = true,
                        ValidAudience = jwtOptions.Audience,

                        ValidateLifetime = true, // 是否验证超时
                        // token 超时验证
                        //LifetimeValidator = (  notBefore, expires, securityToken,  validationParameters) => {

                        //    return true;
                        //}
                    };
                });
            return services;
        }
        //public static IServiceCollection ConfigureJwtAuthentication(
        //this IServiceCollection services,
        //JwtSecurityTokenOptions jwtOptions,
        //Microsoft.AspNetCore.Hosting.IWebHostEnvironment env)
        //{
        //    services
        //        .AddAuthentication(options =>
        //        {
        //            options.DefaultChallengeScheme = jwtOptions.AuthenticationScheme;
        //            options.DefaultAuthenticateScheme = jwtOptions.AuthenticationScheme;
        //            options.DefaultScheme = jwtOptions.AuthenticationScheme;
        //        })
        //        .AddJwtBearer(jwtOptions.AuthenticationScheme, options =>
        //        {
        //            options.RequireHttpsMetadata = !env.IsDevelopment();
        //            options.TokenValidationParameters = new TokenValidationParameters()
        //            {
        //                ValidateIssuerSigningKey = true,
        //                IssuerSigningKey = jwtOptions.SymetricSecurityKey,

        //                ValidateIssuer = true,
        //                ValidIssuer = jwtOptions.Issuer,

        //                ValidateAudience = true,
        //                ValidAudience = jwtOptions.Audience,

        //                ValidateLifetime = true, // 是否验证超时
        //                // token 超时验证
        //                //LifetimeValidator = (  notBefore, expires, securityToken,  validationParameters) => {

        //                //    return true;
        //                //}
        //            };
        //        });
        //    return services;
        //}
    }
}
